General
-
Target
cb9ecf13134922777a9e8f656844275a_JaffaCakes118
-
Size
4.0MB
-
Sample
240405-fq1p3acg2v
-
MD5
cb9ecf13134922777a9e8f656844275a
-
SHA1
38a46544e021317d1a522c06d66844319ef3b3f4
-
SHA256
2b6862758d7e1fa0b613e8ef792cc1c36a85e6c0806094fb9cbe5c36045e1dbf
-
SHA512
587e9ec12d68c1cdcc68c01e0e59674ef73ca352d4b9f80d96db831b86cc495da1f48390f639a208264fcb4432567c9b7b5164997f41b737e711cfd6c4196286
-
SSDEEP
24576:DF9mrnE2Z1y/6oTNBZrBEu8C7jnIQCwRO/wTGS5DBMY4:DD2Z1qT3Zz888QCwRO/wT/aY4
Behavioral task
behavioral1
Sample
cb9ecf13134922777a9e8f656844275a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cb9ecf13134922777a9e8f656844275a_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Score
10/10
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-